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DETAILED ACTION 

1 . This action is in response to the request for reconsideration filed November 1 9, 
2008. 

2. Claims 1-9 and 12-14 are currently pending. Claims 1-9 are currently amended, 
claims 12-14 are new and claims 10 and 11 have been cancelled. 

3. Applicant's arguments, with regards to claims 1 and 7-9, filed November 19, 2008 
have been fully considered but they are not persuasive. 

Examiner Notes 

4. Examiner cites particular columns and line numbers in the references as applied 
to the claims below for the convenience of the applicant. Although the specified citations 
are representative of the teachings in the art and are applied to the specific limitations 
within the individual claim, other passages and figures may apply as well. It is 
respectfully requested that, in preparing responses, the applicant fully consider the 
references in entirety as potentially teaching all or part of the claimed invention, as well 
as the context of the passage as taught by the prior art or disclosed by the examiner. 

5. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 
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Claim Rejections - 35 USC §112 

6. Applicant's arguments, see page 10, and respective amendments filed 19 
November 2008, with respect to the indefiniteness of claim 5 has been fully considered 
and are persuasive. The rejection of claim 5 has been withdrawn. 

Claim Rejections - 35 USC § 101 

7. As claim 1 1 has been canceled, the rejection thereof has been withdrawn. 

Claim Rejections - 35 USC §102 

8. Claim 8 is rejected under 35 U.S.C. 102(b) as being anticipated by WIPO 
Publication No. WO-2000/062503 A2 (hereinafter "Hardjono"). 

Hardjono teaches a router device (page 5, lines 9-10) being arranged to route a 
communication fragment from a sender device towards a receiver device, the 
communication fragment comprising a target group address referring to at least two 
receiver devices (page 5, lines 10-13), the router device comprising: 

receiving means being arranged to receive the communication fragment 
comprising a cryptographic message integrity code that is at least partly based on the 
target group address (page 5, lines 10—13 and 16-18 and page 7, line 13 to page 8, 
line 7, the processing hardware and software recited on line 1 1 relies on the 
identification tags (as indicated on page 3, lines 17-22 and comprising the base/child 
encryption key which incorporates the multicast ID number (i.e. target group address)) 
to authenticate the messages, so these must be a part of the received and transmitted 
messages), 
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modifying means being arranged to modify the communication fragment, by 
replacing the target group address by a reference referring to one of the at least two 
receiver devices, while maintaining the original cryptographic message integrity code 
without use of a cryptographic key related to the cryptographic message integrity code 
(page 8, line 29 through page 9, line 2, the router ID number of the receiving router 
being appended to the message/base tag combination), and 

transmitting means being arranged to transmit the modified communication 
fragment to the one of the at least one two receiver devices (page 9, lines 7-9, routers in 
Hardjono act as routers, senders and receivers), but does not specifically teach wherein 
the cryptographic message integrity code is at least partly based on the target group 
address. 

Claim Rejections - 35 USC §103 

9. Claims 1-3, 5-6, 9, 12, and 14 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Hardjono in view of European Patent Application Pub. No. EP 
1032178 A1 (hereinafter "Chen et al."). 

As to claim 1, Hardjono teaches a method of communicating a communication 
fragment, the communication fragment comprising a first target group address referring 
to at least two receiver devices (Fig.1 and Fig. 2, e.g. transmitting to a multicast group 
as depicted in Fig. 1), the method comprising acts of: 

a sender device adding a cryptographic message integrity code to protect at least 
part of the communication fragment, wherein the cryptographic message integrity code 
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is at least partly based on the target group address (Fig. 2, element 204 and page 7, 
line 13 to page 8, line 7, the tag (i.e. the cryptographic message integrity code) 
comprising the base/child encryption key which incorporates the multicast ID number 
(i.e. target group address)), 

the sender device transmitting the protected communication fragment to a router 
device (Fig. 2, element 206), 

Hardjono does not specifically teach the router device, for at least one receiver 
device in the target group address, replacing the first target group address with an 
address of the at least one receiver device forming a modified protected communication 
fragment, while maintaining the unchanged cryptograph message integrity code, and 
subsequently forwarding the modified protected communication fragment to the at least 
one receiver device, 

the at least one receiver device receiving the modified protected communication 
fragment, 

the at least one receiver device restoring the original protected communication 
fragment by replacing the address of the at least one receiver device with the target 
group address to allow verification of the protected communication fragment using the 
message integrity code. 

However, Chen et al. teaches the router device, for at least one receiver device 
in the target group address, replacing the first target group address with an address of 
the at least one receiver device forming a modified protected communication fragment, 
while maintaining the unchanged cryptograph message integrity code, and 
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subsequently forwarding the modified protected communication fragment to the at least 
one receiver device (column 10, lines 7-21 and column 11, line 58 through column 12, 
line 12, the home agent acts as the router device and suggests that it may be necessary 
to amend any error checking while not mandating that the home agent does so, and the 
foreign agent acts as a receiver device), 

the at least one receiver device receiving the modified protected communication 
fragment (column 12, lines 2-12), 

the at least one receiver device restoring the original protected communication 
fragment by replacing the address of the at least one receiver device with the target 
group address to allow verification of the protected communication fragment using the 
message integrity code (column 12, lines 2-12, the home address being equivalent to 
the group address). 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the teaching of Hardjono to include the 
router device directly modifying the target address reference and the receiver device 
restoring the original protected communication of Chen et al. because this would avoid 
longer communication fragments normally needed (Chen et al., column 3, lines 25-34). 

As to claim 2, Hardjono and Chen et al. do not specifically teach wherein the first 
communication fragment comprises a bit field IA to indicate whether indirect addressing 
is used. 
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However, the concept and advantages of using a bit field to indicate whether an 
indirect address is being used is well known and expected in the art. For example U.S. 
Patent App. Pub. US 2003/0223402 A1 (page 2, paragraph 30, multicast by its nature 
uses indirect addressing). 

Therefore it would have been obvious to a person having ordinary skill in the art 
at the time of the invention was made to modify the teaching of Hardjono and Chen et 
al. to use a single bit to indicate whether or not indirect addressing was being used. 

As to claim 3, Hardjono teaches wherein the sender device and the at least one 
receiver device share a common cryptographic key, and where the cryptographic 
message integrity code is computable and verifiable only by using the common 
cryptographic key (page 6, lines 12-13 and 19-20), but does not specifically teach 
wherein the common cryptographic key is not shared with the router. 

However, wherein the common cryptographic key is not shared with the router is 
well known and expected in the art (e.g. US Patent Application Pub. No. US 
20020078353 A1 (hereinafter "Sandhu"), page 1, paragraph 12 and page 2, paragraph 
18, the (possibility of the) presence of an eavesdropper (i.e. the router) being the basis 
for the use of asymmetric cryptography to avoid the problem of (insecure) symmetric 
key distribution). Thereby official notice is taken. 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify Hardjono to use a key unknown by any of 
the routers since this is well known and expected in the art and allows for the use of an 
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existing multicast framework (as in Hardjono) to be used for secure communications of 
different types, e.g. unicast or a different multicast group. 

As to claim 5, Hardjono and Chen et al. teach wherein the at least one receiver 
device restores the protected communication fragment by replacing the address of the 
at least one receiver device with each of a plurality of group identities (Chen et al., 
column 1 2, lines 4-1 2) that include the sender device to determine which of the plurality 
of group identities the message integrity code matches (Hardjono, page 3, lines 17-22). 

As to claim 6, Chen et al. teaches wherein 

the router device, wherein the act of replacing the first target group address 
reference, comprises an act of storing the first target address reference in the modified 
protected communication fragment (column 11, lines 48-57), and 

the at least one receiver device restores the protected communication fragment 
using the stored first target address reference in the modified protected communication 
fragment in order to allow verification of the message integrity code (column 12, lines 2- 
12, the restored mobile nodes home address returns the communication fragment/IP 
packet to it's original state which is what's required for MIC verification). 

As to claim 9, Hardjono teaches verification means being arranged to verify the 
cryptographic message integrity code (page 3, lines 13-20, the authenticator reading 
and authenticating the tags to determine message origin applies equally to MICs), 
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wherein a target address is a target group address referring to at least two 
receiver devices (Fig.1 and Fig. 2, e.g. transmitting to a multicast group as depicted in 
Fig. 1), and 

wherein the cryptographic message integrity code is at least partly based on the 
target address (page 7, line 13 to page 8, line 7, the generated tag (i.e. the 
cryptographic message integrity code) comprising the base/child encryption key which 
incorporates the multicast ID number (i.e. target address)). 

Hardjono does not specifically teach a receiver device being arranged to receive 
a modified communication fragment originating from a transmitter device through a 
router device, the modified communication fragment being derived from a 
communication fragment comprising a target address, the receiver device comprising: 

receiving means being arranged to receive the modified communication 
fragment, and 

restoring means being arranged to restore the original communication fragment 
that was used to compute the cryptographic message integrity code included in the 
modified communication fragment that by replacing an address of the receiver device 
with the target address. 

However, Chen et al. teaches a receiver device being arranged to receive a 
modified communication fragment originating from a transmitter device through a router 
device, the modified communication fragment being derived from a communication 
fragment comprising a target address (column 10, lines 7-21 , a care-of address for a 
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single node is a group of at least one receiver device, this is also standard practice for 
multicast in general), the receiver device comprising: 

receiving means being arranged to receive the modified communication fragment 
(column 12, lines 2-4), and 

restoring means being arranged to restore the original communication fragment 
that was used to compute the cryptographic message integrity code included in the 
modified communication fragment that by replacing an address of the receiver device 
with the target address (column 12, lines 4-8). 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the teaching of Hardjono to include the 
receiver device as in Chen et al. being arranged to receive communication fragments 
and the means to restore them to their original state used to compute the MIC as in 
Hardjono, because this would allow care-of and multicast addressing to still utilize an 
original MIC. 

As to claim 12, Hardjono teaches wherein the transmitter device and the receiver 
device share a common cryptographic key, and where the cryptographic message 
integrity code is computable and verifiable only by using the common cryptographic key 
(page 6, lines 12-13 and 19-20), but does not specifically teach wherein the common 
cryptographic key is not shared with the router. 

However, wherein the common cryptographic key is not shared with the router is 
well known and expected in the art (e.g. US Patent Application Pub. No. US 
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20020078353 A1 (hereinafter "Sandhu"), page 1, paragraph 12 and page 2, paragraph 
18, the (possibility of the) presence of an eavesdropper (i.e. the router) being the basis 
for the use of asymmetric cryptography to avoid the problem of (insecure) symmetric 
key distribution). Thereby official notice is taken. 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify Hardjono to use a key unknown by any of 
the routers since this is well known and expected in the art and allows for the use of an 
existing multicast framework (as in Hardjono) to be used for secure communications of 
different types, e.g. unicast or a different multicast group. 

As to claim 14, Hardjono and Chen et al. teach wherein the receiver device is 
arranged to restore the communication fragment by replacing the address of the 
receiver device with each of a plurality of group identities (Chen et al., column 12, lines 
4-1 2) that include the transmitter device to determine which of the plurality of group 
identities the cryptographic message integrity code matches (Hardjono, page 3, lines 
17-22). 

10. Claims 4 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hardjono in view of Chen et al. and further in view of Sandhu. 

As to claim 4, Hardjono and Chen et al. do not specifically teach wherein the 
common cryptographic key is used to encrypt the message content. 
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However, Sandhu teaches wherein the common cryptographic key is used to 
encrypt the message content (page 1, paragraphs 9-10). 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the teaching of Hardjono in view of Chen 
et al. to use the common cryptographic key to encrypt the message content of Sandhu, 
because this would avoid the need to generate, distribute, and store multiple common 
cryptographic keys to allow both message integrity verification and message encryption. 

As to claim 13, Hardjono and Chen et al. do not specifically teach wherein the 
common cryptographic key is used to encrypt the message content. 

However, Sandhu teaches wherein the common cryptographic key is used to 
encrypt the message content (page 1 , paragraphs 9-10). 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the teaching of Hardjono in view of Chen 
et al. to use the common cryptographic key to encrypt the message content of Sandhu, 
because this would avoid the need to generate, distribute, and store multiple common 
cryptographic keys to allow both message integrity verification and message encryption. 

1 1 . Claim 7 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hardjono. 

Hardjono teaches a sender device (page 3, lines 13-17, the "network device") 
being arranged to transmit a communication fragment through a router device towards a 
receiver device, the communication fragment comprising a target group address 
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referring to at least two receiver devices (page 3, lines 20-22 and 25-27, the nature of 
multicasts is such that they include group addresses), the sender device comprising: 

protecting means being arranged to add a cryptographic message integrity code 
to protect at least part of the communication fragment, wherein the cryptographic 
message integrity code is at least partly based on the target group address and a 
cryptographic key (page 3, lines 15-17 and page 7, line 13 to page 8, line 7, the 
generated tag (i.e. the cryptographic message integrity code) comprising the base/child 
encryption key which incorporates the multicast ID number (i.e. target group address)), 
and 

transmitting means being arranged to transmit the communication fragment to a 
receiver device through a router device that is not able to modify the cryptographic 
message integrity code (page 8, line 29 through page 9, line 2, routers in Hardjono act 
as routers, senders and receivers and in the embodiment described merely append 
tags/MICs instead of changing them), but does not specifically teach where the router 
device does not have access to the cryptographic key. 

However, where the router device does not have access to the cryptographic key 
is well known and expected in the art (e.g. Sandhu, page 1 , paragraph 12 and page 2, 
paragraph 18, the (possibility of the) presence of an eavesdropper (i.e. the router) being 
the basis for the use of asymmetric cryptography to avoid the problem of (insecure) 
symmetric key distribution). Thereby official notice is taken. 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify Hardjono to use a key unknown by any of 
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the routers since this is well known and expected in the art and allows for the use of an 
existing multicast framework (as in Hardjono) to be used for secure communications of 
different types, e.g. unicast or a different multicast group. 

Response to Arguments 

12. Applicant's arguments, with regards to claims 1 and 7-9, filed November 19, 2008 
have been fully considered but they are not persuasive. 

1 3. On pages 1 0-1 4 of the Applicant's Response, Applicant argues that Hardjono 
alone or in view of any combination of Chen and Sandhu fails to disclose the amended 
independent claims. 

14. The Examiner respectfully disagrees with Applicant's arguments, because absent 
specific arguments with regards to any perceived differences of claim interpretation or, 
likewise, any perceived failings of the originally cited art beyond merely underlining 
large portions of the above mentioned claims, the Argument provides no basis for 
rebuttal or agreement beyond the claim limitations themselves which are addressed in 
the rejections above. The cited portions of the references and the reasoning behind the 
rejections of the particular claims has been developed further in the appropriate 
rejections above where it has been deemed helpful and modified or added to where 
made necessary per Applicant's amendments. 

1 5. Therefore, in view of the above reasons, Examiner maintains rejections. 
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Conclusion 

16. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Travis Pogmore whose telephone number is (571)270- 
7313. The examiner can normally be reached on Monday through Thursday between 
8:30 a.m. and 4:00 p.m. eastern time. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Thomas Pham can be reached on 571-272-3689. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

U. P.I 

Examiner, Art Unit 2436 



/Nasser G Moazzami/ 

Supervisory Patent Examiner, Art Unit 2436 



